Your store contains several pages that allow for customer input, usually in the form of text fields. While these input fields primarily collect submissions from genuine customers, they can also open your website to targeting by web "bots" -- tiny, unwanted spam applications that are built to perform repetitive automated tasks on a web page. Fortunately, CAPTCHA tests can help protect your site from spam while still allowing real customer submissions to go through. 

The classic CAPTCHA format involves a randomly-generated sequence of distorted numbers and letters. A user must type the exact characters shown in order to be considered "human"; otherwise, the website won't accept the form submission. As spam bots have grown more sophisticated over the years, however, these CAPTCHA tests have become unnecessarily difficult to decipher -- even for humans! 

Enter Google reCAPTCHA: a modern, simplified CAPTCHA test that's easy for real users, yet provides an even higher degree of security against SPAM bots. Instead of struggling to identify squiggles as characters, a customer can answer a simple question and check a box that proclaims, "I'm not a robot." Volusion websites are currently compatible with Google reCAPTCHA Version 2.

Enabling reCAPTCHA

It's free to use reCAPTCHA, but you'll need a Google account to set it up. If you don't already have a Google account, take a moment to create one, then visit Google's reCAPTCHA API Registration page. Once there, follow the steps below:

  1. Select Invisible reCAPTCHA and enter the domain names (or subdomain names) of the websites for which you'll be using reCAPTCHA.  You can use the same credentials for multiple sites, including subdomains (e.g.

  2. Select the checkbox to "Accept the reCAPTCHA Terms of Service", then click Register.

  3. Locate the API Key Pair, which consists of the Site Key and the Secret Key. Copy and paste these values for future use, as you'll need them to integrate reCAPTCHA with your Volusion store. Note that these key pairs are domain-specific, so if you entered more than one domain name in step 1, you'll see more than one pair.

  4. Visit Design > reCAPTCHA in your Volusion store's Admin Area and select Enable near the top of the page.

  5. Under Configuration, paste the Site Key and Secret Key values you copied earlier into the corresponding admin fields.

  6. Under Use reCAPTCHA On These Pages, select which built-in submission pages you'd like to enable reCAPTCHA for. By default, all available pages are selected.

  7. Click Save.

Each page you selected will now require customers to complete a reCAPTCHA test before accepting submissions. Per Google, note that it may take up to 30 minutes for a domain's API Key Pair to function. 

If you ever need to disable, re-enable, or update settings for your reCAPTCHA integration, you can do so at any time by returning to the Design > reCAPTCHA page in your Admin Area.

Pages that Support reCAPTCHA

The reCAPTCHA form can be enabled for the following hard-coded pages, each of which requires some type of input from the end user:

  • Login.asp

  • Login_Sendpass.asp

  • Register.asp

  • One-Page-Checkout.asp

  • MailingList_Subscribe.asp

  • Help_EmailBetterPrice.asp

  • Catalog_Subscribe.asp

  • Email_Me_When_Back_In_Stock.asp

  • ReviewNew.asp

  • ShoppingCart.asp

  • EmailaFriend.asp

  • Ticket_New.asp

*In order to comply with CAN-SPAM laws, the MailingList_Subscribe.asp page is required to contain some form of CAPTCHA functionality. If you don't enable the simplified reCAPTCHA functionality, you'll still see an older version of a CAPTCHA test on that page. 

If your website's theme includes a newsletter signup form in the footer, it's particularly important to consider enabling reCAPTCHA for the Newsletter Signup page. This reduces frustration customers may experience when having to reenter information or complete an additional CAPTCHA test to sign up.

Custom Pages

You can also enable reCAPTCHA for any custom form page (such as Article 83, the "Contact Us" page) by replacing the first line of code in the Article Body (<form name="eMail" method="post" action="emailform.asp">) with the following:

<form name="eMail" id="eMail" method="post" action="emailform.asp">

Then adding the following code between the <form name="eMail" id="eMail" method="post" action="emailform.asp"> and </form> tags:

<script src="" async defer></script>
       function onSubmit(token) {
<button class="g-recaptcha" data-sitekey="your_site_key" data-callback='onSubmit'>Submit</button>

Important! Make sure you replace "your_site_key" in the above code with the ACTUAL site key from your reCAPTCHA account.

It will be necessary to remove the existing Submit button code as well, as the reCaptcha will now function as the submit button:

<br /><br />Please enter the following code into the box provided:<br />$(Verification_Image)<br /><input type="text" name="Verification_Code" /><br>
<input type="submit" name="submit" value="submit">

Custom and Advanced reCAPTCHA Settings

If you ever need to disable, re-enable, or update settings for your reCAPTCHA integration, you can do so at any time by returning to the Design > reCAPTCHA page in your Admin Area.

The following settings allow additional configuration:

  • Size: Choose from Invisible (recommended), Normal, or Compact.

  • Language: By default, this field is set to "en" for English. If you need your reCAPTCHA tests to use a different language, check Google's documentation for the correct language code and type it into this field.

  • Badge: This setting is only available when the Size is set to Invisible. Choose from Bottom Right, Bottom Left, or Inline (advanced). Note that the Inline badge theme is only intended for advanced users with knowledge of JavaScript and CSS. 

  • Type: This setting is only available when the Size is set to Normal or Compact. Choose between an Image or Audio reCAPTCHA test.

  • Theme: This setting is only available when the Size is set to Normal or Compact. Choose between a Light or Dark theme.

Settings within your Google reCAPTCHA page

Additional settings, including Security Preferences, can be set within the Google reCaptcha Admin Page.

Do I have to use reCAPTCHA?

You aren't required to enable reCAPTCHA, although we highly recommend doing so. The reCAPTCHA feature is a useful tool for protecting your website from spam orders, false form entries, and other robot-generated abuse.

Did this answer your question?